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Response to Office Action dated December 23, 2008 

REMARKS 

Claims 1-13 and 15 were pending in this application. Claims 1-7, 9-13 and 15 have been 
amended. Claims 8 and 14 have been canceled. No new matter has been added. 

ARGUMENTS 

Reconsideration in view of the following remarks and entry of the foregoing amendments 
are respectfully requested. 

The Examiner has objected to the drawings on the grounds that they fail to comply with 37 
CFR 1.84(p)(5) because they include reference characters not mentioned in the description. In 
response, Applicant has amended the specification to mention the corresponding reference 
characters. 

Claims 1-7, 9-13 and 15 have been amended in view of the Office Action and to better 
define what Applicant considers his invention, as fully supported by an enabling disclosure. In 
this regard, Claim 1 now recites a module for providing in a Mobile Virtual Private network 
mobility for a remotely connecting node moving between an external network and an internal 
network, the module comprising a mobile agent device positioned at the edge of the internal 
network, the mobile agent adapted for: a. termination of a Mobile IP tunnel from the remotely 
connecting Mobile Node; b. termination of an IPSec VPN tunnel from the remotely connecting 
Mobile Node, the IPSec VPN tunnel used for tunnelling to the mobile agent traffic intended for a 
destination node within the internal network; c. dynamic selection of an Internal Mobile IP Home 
Agent based on user authentication, wherein the mobile agent stores in a mapping table a traffic 
encapsulation type used for routing traffic from the mobile agent to the Internal Mobile IP Home 
Agent; d. if no traffic encapsulation type is set in the mapping table, direct routing of the traffic 
from the mobile agent towards the destination node, and otherwise, if a traffic encapsulation type 
is set in the mapping table, tunneling of the traffic between the mobile agent and the selected 
Internal Mobile IP Home Agent prior to routing of the traffic from the selected Internal Mobile IP 
Home Agent towards the destination node; and e. provision of extended authentication, after 
Mobile IP connection establishment, and during the VPN negotiation phase, based on extra user 
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credentials or a one-time-password mechanism. The claims have also been amended as suggested 
by the Examiner in order to overcome informalities. No new matter has been entered by the 
foregoing amendment. Indeed, support for the amendments can be found, for example, in the 
claims as filed and at paragraphs [0034] lines 27 to 29, [0035] lines 14 to 15, [0036] page 9, lines 
1 to 4, [0039] lines 1 to 10, and [0041] to [0044] of the specification as filed. 

REJECTION UNDER 35 U.S.C. $ 101 

Claims 1-13 and 15 have been rejected under 35 U.S.C. § 101 because the claimed 
invention is directed to non-statutory subject matter by failing to be a process, machine, 
manufacture, or composition of matter. Applicant respectfully submits that Claim 1 as amended 
overcomes the rejection in view of the following argument. 

According to the Supreme Court in In re Bilski, 88 USPQ2d 1385 (Fed. Cir. 2008): "A 
claimed process is surely patent-eligible under §101 if: (1) it is tied to a particular machine or 
apparatus...". Applicant respectfully submits that the processes performed in Claim 1 as amended 
are tied to an apparatus thus satisfying the machine-or-transformation test of In re Bilski as cited 
herein above. Accordingly, Applicant submits that Claim 1 as amended is directed to statutory 
subject matter under 35 U.S.C. § 101 and is allowable. Its dependent claims, which recite yet 
further distinguishing features, are also patentable and require no further discussion herein. 

REJECTION UNDER 35 U.S.C. § 112, SECOND PARAGRAPH 

Claims 1-13 and 15 have been rejected under 35 U.S.C. § 1 12, second paragraph as being 
indefinite. Applicant respectfully submits that the claims as amended overcome the rejection. 

REJECTION UNDER 35 U.S.C. § 102 

Claims 1, 3-5, 8 have been rejected as being anticipated by U.S. Patent Publication No. 
2004/0120295 by Liu et al. under 35 U.S.C. § 102. Applicant respectfully submits that amended 
Claim 1 overcomes the rejection in view of the following argument. 
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Liu et al. teaches a system and method for providing a secure network path through an 
inner and outer firewall pair (106, 108) between a mobile node (120) on a foreign network (130) 
and a corresponding node (110) on a home network (114). A mobile IP proxy (102) is provided 
between the mobile node and a VPN gateway (104) inside the firewalls. The mobile IP proxy acts 
as a surrogate home agent to the mobile node and as a surrogate mobile node to a home agent 
residing on the home network. A home agent (112) may be provided to serve as a router in the 
home subnet of the mobile node, directing traffic to mobile node when mobile node is located 
outside of its home subnet. 

However, Applicant respectfully submits that Liu et al. fails to teach or suggest a mobile 
agent that stores in a mapping table a traffic encapsulation type used for routing traffic from the 
mobile agent to the Internal Mobile IP Home Agent, as is recited at amended Claim 1 . Applicant 
further submits that Liu et al. fails to teach or suggest, if no traffic encapsulation type is set in the 
mapping table, direct routing of the traffic from the mobile agent towards the destination node, 
and otherwise, if a traffic encapsulation type is set in the mapping table, tunneling of the traffic 
between the mobile agent and the selected Internal Mobile IP Home Agent prior to routing of the 
traffic from the selected Internal Mobile IP Home Agent towards the destination node, as is 
recited at amended Claim 1 . 

Indeed, although Liu et al. teaches tunnelling traffic from the Home Agent towards the 
VPN gateway and MIP proxy in order to route network packets intercepted from a corresponding 
node and destined for the remote mobile node, there is no storage by the VPN gateway of a 
traffic encapsulation type used for routing traffic from the VPN gateway. As such, the traffic 
is routed "directly" without tunnelling between the VPN gateway and the Home Agent (see, 
for example, paragraph [0051] of Liu et al.: "The VPN gateway decapsulates the IPSec 
packet (block 465). The VPN gateway then sends the data to the corresponding node directly 
(block 470; FIG. 1 path 8)."). Thus, Applicant submits that in Liu et al., routing of traffic to 
the corresponding node is not based on a traffic encapsulation type that would be stored at 
the VPN gateway, unlike the present invention recited at amended Claim 1. Accordingly, 
there is no teaching of tunnelling the traffic from the VPN gateway if a traffic encapsulation 
type is set in the mapping table. Instead, a tunnel is only established when data is to be 
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routed from the corresponding node to the remotely connected mobile node (see, for 
example, paragraph [0034]: "...the home agent 112 establishes an IPSec SA with VPN 
gateway 104 and applies the SA to all network packets that it intercepts from corresponding 
nodes on home network that are destined for permanent home network address of mobile 
node 120." and paragraph [0046]: "...the home agent tunnel the packet to the VPN gateway, 
typically via IPSec. ... Next, the home agent tunnels the packet using mobile IP to the MIP 
proxy." of Liu et al.). Nowhere is there a teaching of establishing a tunnel between the VPN 
gateway and the Home agent when routing is to be performed from the remotely connected 
mobile node towards the corresponding node and there is only a teaching of directly routing 
the traffic towards the corresponding node regardless of the encapsulation type of the traffic. 

In addition, Applicant submits that Liu et al. fails to teach or suggest a mobile agent 
device positioned at the edge of the internal network, unlike the present invention recited at 
amended Claim 1. Indeed, as can be seen for example from Figures 1A to ID of Liu et al., 
the MIP proxy and VPN gateway are positioned outside of the home network 1 14 within a 
subnetwork or Demilitarized Zone (160) preferably formed using at least one firewall (106 
or 108) (see, for example, paragraphs [0025]and [0026] of Liu et al.). 

In light of the above, Applicant respectfully submits that Liu et al. fails to teach or 
suggest all the elements of the present invention, as recited at amended Claim 1. Applicant thus 
submits that independent Claim 1 as amended is neither anticipated nor obvious in view of Liu et 
al. and is an allowable claim. As all the remaining objected claims depend from an allowable 
claim, Applicant submits that they, too, are allowable claims and require no further discussion 
herein. 

REJECTION UNDER 35 U.S.C. § 103 

Claims 2 and 12 have been rejected as being obvious over Liu et al. in view of U.S. 
Patent Publication Number 2002/0066036 by Makineni et al. under 35 U.S.C. § 103. Claim 13 
has also been rejected as being obvious over Liu et al. in view of U.S. Patent Publication 
Number 2004/0106393 by Chowdhury et al. under 35 U.S.C. § 103. In addition, Claims 6, 7, 9, 
10, 1 1, 15 have been rejected as being obvious over Liu et al. in view of U.S. Patent Publication 
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Number 2003/0224788 by Leung et al. under 35 U.S.C. § 103. Applicant respectfully submits 
that amended Claim 1 overcomes the rejection in view of the arguments provided herein. 

Makineni et al. teaches a system and method for maintaining secure communications 
between a home network and a mobile client when the client roams outside of the home network 
to a new location. The client, after establishing a new IP address for its new location, sends a 
message identifying and registering its new address to a relay server which may include a Foreign 
Agent for communicating with a home server. The relay server further authenticates the client's 
message prior to encapsulation and transmission thereof to the home server. 

Chowdhury et al. teaches a method of controlling access to a prepaid packet data 
communication service from a prepaid client. Time- and volume-based accounting are performed 
for packet data service. 

Leung et al. teaches a method and apparatus for registering a mobile node with a home 
agent using a Mobile IP proxy to inform the mobile node of whether the mobile node is in an 
internal network or a remote network. IP-in-IP tunnelling and IP-in-UDP tunnelling may be used 
for transferring traffic. 

However, Applicant respectfully submits that none of the references, taken alone or in 
combination, teach or suggest a module comprising a mobile agent device positioned at the edge 
of the internal network and which stores in a mapping table a traffic encapsulation type used for 
routing traffic from the mobile agent to the Internal Mobile IP Home Agent, as is recited at 
amended Claim 1. Applicant further submits that none of the references, taken alone or in 
combination, teach or suggest, if no traffic encapsulation type is set in the mapping table, direct 
routing of the traffic from the mobile agent towards the destination node, and otherwise, if a 
traffic encapsulation type is set in the mapping table, tunneling of the traffic between the mobile 
agent and the selected Internal Mobile IP Home Agent prior to routing of the traffic from the 
selected Internal Mobile IP Home Agent towards the destination node, as is recited at amended 
Claim 1 . Accordingly, Applicant submits that it would not be obvious to modify the teachings of 
Liu et al. with those of Makineni et al., Chowdhury et al., or Leung et al. to arrive at the present 
invention recited at amended Claim 1. Thus amended Claim 1 is not obvious in view of the prior 
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art and is patentable. Its dependent claims, which recite yet further distinguishing features, are 
also patentable and require no further discussion herein. 

The foregoing is believed to represent a full response to the Office Action. 


Applicant submits that the present application is in condition for allowance and 
respectfully requests such action. If the Examiner has any questions that can be answered by 
telephone, please contact the undersigned attorney of record at the telephone number listed 


One Atlantic Center, Fourteenth Floor 
1201 West Peachtree Street, NW 
Atlanta, GA 30309-3488 
(404) 572-6900 
(404) 572-6999 (fax) 
jason.bernstein@bryancave.com 


CONCLUSION 


below. 



Respectfully submitted, 
BRYAN CAVE LLP 


/Jason A. Bernstein/ 
Jason A. Bernstein 
Reg. No. 31,236 
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